/*
 * RoleCheckResource.java
 *
 * Created on April 12, 2007, 1:39 PM
 *
 * To change this template, choose Tools | Template Manager
 * and open the template in the editor.
 */

package org.atomojo.auth.service.app;

import java.sql.SQLException;
import java.util.UUID;
import java.util.logging.Level;
import org.atomojo.auth.service.db.AuthDB;
import org.atomojo.auth.service.db.Realm;
import org.atomojo.auth.service.db.RealmUser;
import org.atomojo.auth.service.db.Role;
import org.atomojo.auth.service.db.User;
import org.restlet.Request;
import org.restlet.data.Status;
import org.restlet.representation.Representation;
import org.restlet.representation.StringRepresentation;
import org.restlet.resource.ServerResource;

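/**
 * Restlet resource that reports whether a user holds a given role.
 *
 * <p>The role, the optional realm and the user are each identified by request
 * attributes: either a name/alias or a UUID string. The answer is carried by
 * the response status alone:
 * <ul>
 *   <li>204 No Content - the user has the role;</li>
 *   <li>401 Unauthorized - the user exists but does not have the role;</li>
 *   <li>404 Not Found - the role, realm or user could not be resolved;</li>
 *   <li>400 Bad Request - a supplied UUID attribute is not a valid UUID;</li>
 *   <li>500 Internal Server Error - the database lookup failed.</li>
 * </ul>
 *
 * <p>NOTE(review): the 404 bodies tell the caller which of role, realm or user
 * is missing, so this resource can be used to probe for existing names. How
 * access to it is restricted is not visible in this class - confirm that only
 * trusted callers can reach it.
 *
 * @author alex
 */
public class RoleCheckResource extends ServerResource
{
   
   long expiration = 3600*1000;
   AuthDB db;
   String roleName;
   String roleId;
   String realmName;
   String realmId;
   String userAlias;
   String userId;

   /** Creates a new instance of RoleCheckResource with content negotiation turned off. */
   public RoleCheckResource() {
      setNegotiated(false);
   }

   /**
    * Reads the database handle and the role/realm/user identifiers from the
    * request attributes. Every identifier is optional and defaults to
    * {@code null} when absent.
    */
   @Override
   protected void doInit() {
      Request request = getRequest();
      db = (AuthDB)request.getAttributes().get(AuthApplication.DB_ATTR);
      roleName = AuthApplication.getStringAttribute(request,"name",null);
      roleId = AuthApplication.getStringAttribute(request,"uuid",null);
      realmName = AuthApplication.getStringAttribute(request,"realm-name",null);
      realmId = AuthApplication.getStringAttribute(request,"realm-id",null);
      userAlias = AuthApplication.getStringAttribute(request,"user-alias",null);
      userId = AuthApplication.getStringAttribute(request,"user-id",null);
   }
   
   /**
    * Performs the role check and sets the response status accordingly.
    *
    * @return a short text body for error responses, or {@code null} when the
    *         status alone (204 or 401) carries the answer
    */
   @Override
   public Representation get()
   {
      try {
         Role role = fetchRole();
         if (role==null) {
            return notFound("Role not found.");
         }
         boolean hasRole;
         if (realmId!=null || realmName!=null) {
            // A realm was named, so the user is looked up inside that realm.
            Realm realm = fetchRealm();
            if (realm==null) {
               return notFound("Realm not found.");
            }
            RealmUser user = fetchRealmUser(realm);
            if (user==null) {
               return notFound("User not found.");
            }
            hasRole = user.hasRole(role);
         } else {
            User user = fetchUser();
            if (user==null) {
               return notFound("User not found.");
            }
            hasRole = user.hasRole(role);
         }
         getResponse().setStatus(hasRole ? Status.SUCCESS_NO_CONTENT : Status.CLIENT_ERROR_UNAUTHORIZED);
         return null;
      } catch (IllegalArgumentException ex) {
         // UUID.fromString rejects malformed identifiers. That is a client
         // error, not a server fault, so answer 400 instead of letting the
         // exception escape. The exception message repeats the
         // request-supplied string, so it is kept out of the log and the body.
         getContext().getLogger().log(Level.INFO,"Role check rejected: malformed UUID attribute in request.");
         getResponse().setStatus(Status.CLIENT_ERROR_BAD_REQUEST);
         return new StringRepresentation("Malformed UUID in request.");
      } catch (SQLException ex) {
         getContext().getLogger().log(Level.SEVERE,"Cannot get user data from database.",ex);
         getResponse().setStatus(Status.SERVER_ERROR_INTERNAL);
         return new StringRepresentation("Exception during processing, see logs.");
      }
   }

   /** Sets a 404 status and returns the given message as the response body. */
   private Representation notFound(String message)
   {
      getResponse().setStatus(Status.CLIENT_ERROR_NOT_FOUND);
      return new StringRepresentation(message);
   }
   
   /**
    * Resolves the realm named by the request. When both a UUID and a name are
    * supplied, the UUID decides the result.
    *
    * @return the realm, or {@code null} if no identifier was given or nothing matched
    * @throws SQLException if the database lookup fails
    * @throws IllegalArgumentException if the realm UUID string is malformed
    */
   protected Realm fetchRealm()
      throws SQLException,IllegalArgumentException
   {
      if (realmId!=null) {
         return db.getRealm(UUID.fromString(realmId));
      }
      return realmName!=null ? db.getRealm(realmName) : null;
   }
   
   /**
    * Resolves the role named by the request. When both a UUID and a name are
    * supplied, the UUID decides the result.
    *
    * @return the role, or {@code null} if no identifier was given or nothing matched
    * @throws SQLException if the database lookup fails
    * @throws IllegalArgumentException if the role UUID string is malformed
    */
   protected Role fetchRole()
      throws SQLException,IllegalArgumentException
   {
      if (roleId!=null) {
         return db.getRole(UUID.fromString(roleId));
      }
      return roleName!=null ? db.getRole(roleName) : null;
   }
  
   /**
    * Resolves the user named by the request outside of any realm. When both a
    * UUID and an alias are supplied, the UUID decides the result.
    *
    * @return the user, or {@code null} if no identifier was given or nothing matched
    * @throws SQLException if the database lookup fails
    * @throws IllegalArgumentException if the user UUID string is malformed
    */
   protected User fetchUser()
      throws SQLException,IllegalArgumentException
   {
      if (userId!=null) {
         return db.getUser(UUID.fromString(userId));
      }
      return userAlias!=null ? db.getUser(userAlias) : null;
   }
   
   /**
    * Resolves the user named by the request within the given realm. When both
    * a UUID and an alias are supplied, the UUID decides the result.
    *
    * @param realm the realm to search in
    * @return the realm user, or {@code null} if no identifier was given or nothing matched
    * @throws SQLException if the database lookup fails
    * @throws IllegalArgumentException if the user UUID string is malformed
    */
   protected RealmUser fetchRealmUser(Realm realm)
      throws SQLException,IllegalArgumentException
   {
      if (userId!=null) {
         return db.getRealmUser(realm,UUID.fromString(userId));
      }
      return userAlias!=null ? db.getRealmUser(realm,userAlias) : null;
   }
}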
